Difference between revisions of "Https redirection"

From SME Server
Jump to navigationJump to search
(added alternative method using custom template fragment and db commands)
(added instructions from earlier howto)
Line 1: Line 1:
 
== https forced redirection using custom template ==
 
== https forced redirection using custom template ==
  
This is a link to an earlier Howto that is still applicable to sme7.x
+
 
 +
===Solution using a custom template only===
 +
 
 +
These instructions come from an earlier Howto that is still applicable to sme7.x
 
http://distro.ibiblio.org/pub/linux/distributions/smeserver/contribs/rmitchell/smeserver/howto/https%20ibay%20forced%20redirection%20HOWTO%20for%20sme%20server.htm  
 
http://distro.ibiblio.org/pub/linux/distributions/smeserver/contribs/rmitchell/smeserver/howto/https%20ibay%20forced%20redirection%20HOWTO%20for%20sme%20server.htm  
  
I will revise the Howto & add it here when time permits
+
====Problem:====
 +
 
 +
You want to force https access to an ibay whenever you access it using http
 +
 +
 
 +
====Solution:====
 +
 
 +
Create a custom template that forces the redirection from http to https
 +
 
 +
This is a similar method to that used to force webmail to https
 +
 +
 
 +
====Information:====
 +
 
 +
This how to is based on forum & devinfo posts, thanks to the posters particularly Orien Love & Tony Clayton and thanks for all the help I have received over the years from Gordon Rowell & Charlie Brady.
 +
 
 +
See http://contribs.org/modules/pbboard/viewtopic.php?p=98152&PHPSESSID=959ab7d52917db44da0c916f4be29d18#98152
 +
 
 +
and
 +
 
 +
http://lists.contribs.org/mailman/public/devinfo/msg07284.html
 +
 
 +
 
 +
====Configuration Procedure:====
 +
 
 +
If it does not already exist then create the following directory
 +
 
 +
mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
 +
 
 +
cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
 +
 
 +
pico 60redir-ibayname1
 +
 
 +
Paste or type the following code including the brackets, replacing ibayname with the name of your ibay
 +
 
 +
{
 +
 
 +
if ($port ne "443")
 +
 
 +
{
 +
 
 +
$OUT .= <<'HERE';
 +
 
 +
## Redirect Web Address to Secure Address
 +
 
 +
RewriteEngine on
 +
 
 +
RewriteRule ^/ibayname https://%{HTTP_HOST}/ibayname
 +
 
 +
## End Of Redirect
 +
 
 +
HERE
 +
 
 +
}
 +
 
 +
}
 +
 
 +
Save the file & exit
 +
 
 +
Ctrl o
 +
 
 +
then
 +
 
 +
Ctrl x
 +
 
 +
/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
 +
 
 +
/etc/init.d/httpd restart
 +
 
 +
 +
 
 +
If you wish to force https access to other ibays then make additional template fragments with a different filename that contain the same code except with the ibay name changed to suit
 +
 
 +
eg
 +
 
 +
61redir-ibayname2
 +
 
 +
Warning: If you receive errors when you expand the template that refer to not finding HERE before EOF, then make sure you have no spaces before or after the HERE entry in the code
 +
 
 +
You can download a copy of this fragment from here, remember to edit it to suit your ibayname:
 +
 
 +
http://distro.ibiblio.org/pub/linux/distributions/smeserver/contribs//rmitchell/smeserver/contribs/https-ibay-redirection/
 +
 
 +
 +
 
 +
====Removal Procedure:====
 +
 
 +
rm /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts/60redir-ibayname1
 +
 
 +
and also remove any other additional ibay redirect fragments if required eg
 +
 
 +
rm /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts/61redir-ibayname2
 +
 
 +
/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
 +
 
 +
/etc/init.d/httpd restart
 +
 
 +
 
  
====Alternative method using custom template and db commands====
+
===Alternative method using custom template and db commands===
  
 
Here is an alternative method based on this forum thread http://forums.contribs.org/index.php/topic,31772.new.html#new
 
Here is an alternative method based on this forum thread http://forums.contribs.org/index.php/topic,31772.new.html#new

Revision as of 01:30, 27 April 2011

https forced redirection using custom template

Solution using a custom template only

These instructions come from an earlier Howto that is still applicable to sme7.x http://distro.ibiblio.org/pub/linux/distributions/smeserver/contribs/rmitchell/smeserver/howto/https%20ibay%20forced%20redirection%20HOWTO%20for%20sme%20server.htm

Problem:

You want to force https access to an ibay whenever you access it using http


Solution:

Create a custom template that forces the redirection from http to https

This is a similar method to that used to force webmail to https


Information:

This how to is based on forum & devinfo posts, thanks to the posters particularly Orien Love & Tony Clayton and thanks for all the help I have received over the years from Gordon Rowell & Charlie Brady.

See http://contribs.org/modules/pbboard/viewtopic.php?p=98152&PHPSESSID=959ab7d52917db44da0c916f4be29d18#98152

and

http://lists.contribs.org/mailman/public/devinfo/msg07284.html


Configuration Procedure:

If it does not already exist then create the following directory

mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
pico 60redir-ibayname1

Paste or type the following code including the brackets, replacing ibayname with the name of your ibay

{
if ($port ne "443")
{
$OUT .= <<'HERE';
## Redirect Web Address to Secure Address
RewriteEngine on
RewriteRule ^/ibayname https://%{HTTP_HOST}/ibayname
## End Of Redirect
HERE
}
}

Save the file & exit

Ctrl o

then

Ctrl x
/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
/etc/init.d/httpd restart


If you wish to force https access to other ibays then make additional template fragments with a different filename that contain the same code except with the ibay name changed to suit

eg

61redir-ibayname2

Warning: If you receive errors when you expand the template that refer to not finding HERE before EOF, then make sure you have no spaces before or after the HERE entry in the code

You can download a copy of this fragment from here, remember to edit it to suit your ibayname:

http://distro.ibiblio.org/pub/linux/distributions/smeserver/contribs//rmitchell/smeserver/contribs/https-ibay-redirection/


Removal Procedure:

rm /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts/60redir-ibayname1

and also remove any other additional ibay redirect fragments if required eg

rm /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts/61redir-ibayname2
/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
/etc/init.d/httpd restart


Alternative method using custom template and db commands

Here is an alternative method based on this forum thread http://forums.contribs.org/index.php/topic,31772.new.html#new

At a command prompt do the following:

cp /etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess40ibays /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/90e-smithAccess40ibays

Edit the custom template fragment:

pico -w /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/90e-smithAccess40ibays

It should contain the following code:

$OUT .= "\n";
$OUT .= "#------------------------------------------------------------\n";
$OUT .= "# $key ibay directories ($properties{'Name'})\n";
$OUT .= "#------------------------------------------------------------\n";
$OUT .= "\n";
$OUT .= "<Directory /home/e-smith/files/ibays/$key/html>\n";
## custom code addition
       if($properties{'SSLRequireSSL'})
       {
       if($properties{'SSLRequireSSL'} eq 'on')
           {
           $OUT.="     SSLRequireSSL\n";
           }
       }
## / custom code addition

Save & exit:

Ctrl c
Ctrl x

Then for each ibay you wish to enable secure https access for do:

db accounts setprop ibayname SSLRequireSSL on

(where ibayname is the name of the applicable ibay)

Follow the above with:

expand-template /etc/httpd/conf/httpd.conf
sv t /service/httpd-e-smith